A secure and efficient outsourceable group key transfer protocol in cloud computing

Cloud computing provides robust computational power, and the customer can economically access to large amount of computing resources with a "pay-per-use" utility service. It also brings forth new challenges for security when customers want to securely outsource the computation of cryptographic operations to the untrusted cloud servers. Though group key transfer is a quite common scientific and engineering task, it is difficult to implement the protocol among group members, if group members are computationally weaker players. Cloud computing provides an avenue for computationally weaker players. A novel system model, with two public cloud servers and a trusted key generation center (KGC), is proposed to address the issue of group key transfer. In order to protect the sensitive information of the customers from the public cloud's learning, we design a secure group key transfer protocol based on secret sharing in cloud computing, in which both KGC and weaker group members can delegate cloud servers to compute the interpolation polynomial and the group members are able to come up with a same key. Extensive theoretical analysis and experiment results are also given to validate the practicability of our protocol.

[1]  Kristin E. Lauter,et al.  Cryptographic Cloud Storage , 2010, Financial Cryptography Workshops.

[2]  Mikhail J. Atallah,et al.  Secure outsourcing of sequence comparisons , 2005, International Journal of Information Security.

[3]  Jianfeng Ma,et al.  New Algorithms for Secure Outsourcing of Modular Exponentiations , 2014, IEEE Trans. Parallel Distributed Syst..

[4]  Eugene H. Spafford,et al.  Secure outsourcing of scientific computations , 2001, Adv. Comput..

[5]  Andrew Chi-Chih Yao,et al.  Protocols for secure computations , 1982, FOCS 1982.

[6]  David Hutchison,et al.  A survey of key management for secure group communication , 2003, CSUR.

[7]  Craig Gentry,et al.  Computing arbitrary functions of encrypted data , 2010, CACM.

[8]  Yehuda Lindell,et al.  Introduction to Modern Cryptography (Chapman & Hall/Crc Cryptography and Network Security Series) , 2007 .

[9]  Mikhail J. Atallah,et al.  Secure and Efficient Outsourcing of Sequence Comparisons , 2012, ESORICS.

[10]  Duncan S. Wong,et al.  An efficient key distribution scheme in cloud computing , 2012, 4th IEEE International Conference on Cloud Computing Technology and Science Proceedings.

[11]  Shimshon Berkovits,et al.  How To Broadcast A Secret , 1991, EUROCRYPT.

[12]  Randy H. Katz,et al.  A view of cloud computing , 2010, CACM.

[13]  J. Hoffstein,et al.  An introduction to mathematical cryptography , 2008 .

[14]  Cong Wang,et al.  Harnessing the Cloud for Securely Solving Large-Scale Systems of Linear Equations , 2011, 2011 31st International Conference on Distributed Computing Systems.

[15]  Rolf Blom,et al.  An Optimal Class of Symmetric Key Generation Systems , 1985, EUROCRYPT.

[16]  Chi-Sung Laih,et al.  A new threshold scheme and its application in designing the conference key distribution cryptosystem , 1989, Inf. Process. Lett..

[17]  Matthew Green,et al.  Outsourcing the Decryption of ABE Ciphertexts , 2011, USENIX Security Symposium.

[18]  Yehuda Lindell,et al.  Secure Multiparty Computation for Privacy-Preserving Data Mining , 2009, IACR Cryptol. ePrint Arch..

[19]  Adi Shamir,et al.  How to share a secret , 1979, CACM.

[20]  David Chaum,et al.  Wallet Databases with Observers , 1992, CRYPTO.

[21]  Chih-Hung Li,et al.  Conference Key Agreement from Secret Sharing , 1999, ACISP.

[22]  Anna Lysyanskaya,et al.  How to Securely Outsource Cryptographic Computations , 2005, TCC.

[23]  Hugh Harney,et al.  Group Key Management Protocol (GKMP) Specification , 1997, RFC.

[24]  Craig Gentry,et al.  Fully homomorphic encryption using ideal lattices , 2009, STOC '09.

[25]  Yehuda Lindell,et al.  Introduction to Modern Cryptography , 2004 .

[26]  Cong Wang,et al.  Security Challenges for the Public Cloud , 2012, IEEE Internet Computing.

[27]  E. Süli,et al.  An introduction to numerical analysis , 2003 .

[28]  Mikhail J. Atallah,et al.  Securely outsourcing linear algebra computations , 2010, ASIACCS '10.

[29]  Tao Jiang,et al.  An Improved Authenticated Group Key Transfer Protocol Based on Secret Sharing , 2013, IEEE Transactions on Computers.

[30]  Cong Wang,et al.  Secure and practical outsourcing of linear programming in cloud computing , 2011, 2011 Proceedings IEEE INFOCOM.

[31]  Mikhail J. Atallah,et al.  Private and Cheating-Free Outsourcing of Algebraic Computations , 2008, 2008 Sixth Annual Conference on Privacy, Security and Trust.

[32]  Lein Harn,et al.  Authenticated Group Key Transfer Protocol Based on Secret Sharing , 2010, IEEE Transactions on Computers.

[33]  Amos Fiat,et al.  Broadcast Encryption , 1993, CRYPTO.

[34]  Andrew Chi-Chih Yao,et al.  Protocols for Secure Computations (Extended Abstract) , 1982, FOCS.

[35]  Craig Gentry,et al.  Non-interactive Verifiable Computing: Outsourcing Computation to Untrusted Workers , 2010, CRYPTO.

[36]  Moti Yung,et al.  Perfectly Secure Key Distribution for Dynamic Conferences , 1998, Inf. Comput..